FireEye Breach Detection Guidance
Update 12/14: Cisco Talos has implemented additional blocks in relation to the supply chain attack on SolarWinds® Orion® Platform. The U.S. Cybersecurity and Infrastructure Security Agency has issued Emergency Directive 21-01 due to this campaign. Talos is continuing to investiga
Threat Roundup for December 4 to December 11
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 4 and Dec. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Threat Source newsletter (Dec. 10, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Cyber security firm FireEye recently disclosed an incident that was reported to have resulted in the inadvertent disclosure of various internally developed offensive security tools (OSTs) that were used across F
Beers with Talos Ep. #97: Getting to better security outcomes (feat. Wendy Nather)
Beers with Talos (BWT) Podcast episode No. 97 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded Nov. 24, 2020 – On this episode, Mitch and Matt are joined by Wendy Nath
Vulnerability Spotlight: Multiple vulnerabilities in Foxit PDF Reader JavaScript engine
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary Cisco Talos recently discovered multiple vulnerabilities in Foxit PDF Reader’s JavaScript engine. Foxit PDF Reader is a commonly used PDF reader that contains many featur
Quarterly Report: Incident Response trends from Fall 2020
By David Liebenberg and Caitlin Huey. For the sixth quarter in a row, Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape. However, for the first quarter since we began compiling these reports, no engagements that were closed out involved the
Vulnerability Spotlight: Remote code execution vulnerabilities in Schneider Electric EcoStruxure
Alexander Perez-Palma and Jared Rittle of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two code execution vulnerabilities in Schneider Electric EcoStruxure. An attacker could exploit these vulnerabilities by sending the victim a
Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a code execution vulnerability in some versions of Microsoft Excel. An attacker could exploit this vulnerability by tricking the victim into opening a special
Microsoft Patch Tuesday (Dec. 2020) — Snort rules and notable vulnerabilities
By Jon Munshaw, with contributions from Bill Largent. Microsoft released its monthly security update Tuesday, disclosing 58 vulnerabilities across its suite of products, the lowest number of vulnerabilities in any Patch Tuesday since January. There are only 10 critical vulnerab